Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/AAr3samsvI0AlDV_4vKvu55g-NQ.roa
File: AAr3samsvI0AlDV_4vKvu55g-NQ.roa (raw, json)
Hash identifier: 1VExls74M4ifFijxAgupEVDSD7JnQH7YxUvIGdJa2+Q=
Subject key identifier: 00:0A:F7:B1:A9:AC:BC:8D:00:94:35:7F:E2:F2:AF:BB:9E:60:F8:D4
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01972C188978F7330F637503B2E54E7B32BE
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/AAr3samsvI0AlDV_4vKvu55g-NQ.roa
Signing time: Sun 01 Jun 2025 15:24:54 +0000
ROA not before: Sun 01 Jun 2025 15:24:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 46.3.4.0/22 maxlen: 22
46.3.4.0/24 maxlen: 24
46.3.5.0/24 maxlen: 24
46.3.6.0/24 maxlen: 24
46.3.7.0/24 maxlen: 24
46.3.16.0/22 maxlen: 22
46.3.16.0/24 maxlen: 24
46.3.17.0/24 maxlen: 24
46.3.18.0/24 maxlen: 24
46.3.19.0/24 maxlen: 24
46.3.24.0/22 maxlen: 22
46.3.24.0/24 maxlen: 24
46.3.25.0/24 maxlen: 24
46.3.26.0/24 maxlen: 24
46.3.27.0/24 maxlen: 24
46.3.30.0/24 maxlen: 24
46.3.64.0/22 maxlen: 22
46.3.64.0/24 maxlen: 24
46.3.65.0/24 maxlen: 24
46.3.66.0/24 maxlen: 24
46.3.67.0/24 maxlen: 24
46.3.68.0/22 maxlen: 22
46.3.68.0/24 maxlen: 24
46.3.69.0/24 maxlen: 24
46.3.70.0/24 maxlen: 24
46.3.71.0/24 maxlen: 24
46.3.72.0/22 maxlen: 24
46.3.72.0/24 maxlen: 24
46.3.73.0/24 maxlen: 24
46.3.74.0/24 maxlen: 24
46.3.75.0/24 maxlen: 24
46.3.76.0/24 maxlen: 24
46.3.86.0/23 maxlen: 23
46.3.92.0/22 maxlen: 22
46.3.92.0/24 maxlen: 24
46.3.93.0/24 maxlen: 24
46.3.94.0/24 maxlen: 24
46.3.95.0/24 maxlen: 24
46.3.148.0/22 maxlen: 22
46.3.148.0/24 maxlen: 24
46.3.149.0/24 maxlen: 24
46.3.150.0/24 maxlen: 24
46.3.151.0/24 maxlen: 24
46.3.203.0/24 maxlen: 24
46.3.204.0/24 maxlen: 24
46.3.224.0/22 maxlen: 22
46.3.224.0/24 maxlen: 24
46.3.225.0/24 maxlen: 24
46.3.226.0/24 maxlen: 24
46.3.227.0/24 maxlen: 24
46.232.26.0/23 maxlen: 24
46.232.26.0/24 maxlen: 24
46.232.27.0/24 maxlen: 24
46.232.28.0/22 maxlen: 24
46.232.28.0/24 maxlen: 24
46.232.29.0/24 maxlen: 24
46.232.30.0/24 maxlen: 24
46.232.31.0/24 maxlen: 24
46.232.32.0/20 maxlen: 24
46.232.80.0/20 maxlen: 20
46.232.80.0/24 maxlen: 24
46.232.81.0/24 maxlen: 24
46.232.82.0/24 maxlen: 24
46.232.83.0/24 maxlen: 24
46.232.84.0/24 maxlen: 24
46.232.85.0/24 maxlen: 24
46.232.86.0/24 maxlen: 24
46.232.87.0/24 maxlen: 24
46.232.88.0/24 maxlen: 24
46.232.89.0/24 maxlen: 24
46.232.90.0/24 maxlen: 24
46.232.91.0/24 maxlen: 24
46.232.92.0/24 maxlen: 24
46.232.93.0/24 maxlen: 24
46.232.94.0/24 maxlen: 24
46.232.95.0/24 maxlen: 24
149.126.192.0/24 maxlen: 24
149.126.197.0/24 maxlen: 24
149.126.200.0/24 maxlen: 24
149.126.206.0/24 maxlen: 24
149.126.215.0/24 maxlen: 24
149.126.224.0/24 maxlen: 24
149.126.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2c:18:89:78:f7:33:0f:63:75:03:b2:e5:4e:7b:32:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jun 1 15:24:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=000af7b1a9acbc8d0094357fe2f2afbb9e60f8d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:23:c9:52:5f:ab:77:39:1f:f1:a2:db:4e:81:
12:e2:1b:f2:4a:ab:69:e8:2c:4d:5c:71:0f:a5:3a:
29:9c:cb:c5:a7:5c:24:ea:a8:53:c7:6d:c1:63:13:
b3:26:b8:60:25:2d:73:ac:3a:3d:22:d1:f7:fc:a1:
95:f0:0a:b2:8c:c3:63:4c:7b:fa:5a:d2:dd:88:2e:
27:8e:86:cc:60:35:62:b3:63:ae:3a:8d:41:46:38:
f8:00:ad:54:83:a0:5b:e2:d3:ec:8e:be:e9:60:a8:
f5:64:82:a1:bc:84:38:5b:08:7e:16:89:da:5b:bf:
d7:51:65:59:6c:14:c0:63:1f:fe:43:dc:d4:91:8b:
ed:14:e2:2b:80:04:51:6c:ed:45:dd:6d:bf:db:72:
a5:e7:13:06:97:f8:d9:45:0f:01:67:c2:cf:20:f3:
cf:5e:9d:be:af:8b:77:46:b8:8e:c7:2f:06:78:8f:
bb:81:f1:ad:1c:b5:76:ac:74:da:29:37:24:6d:f7:
15:64:6d:90:cb:e3:94:bb:59:c5:76:5a:12:3a:f0:
67:dd:7d:23:d3:50:37:a7:a9:99:7b:6d:07:d5:a5:
d0:2a:fa:18:48:d1:f9:55:65:ae:08:24:89:bd:77:
72:ac:a1:06:f3:a5:9e:f9:59:27:f8:9a:12:8e:f1:
2b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:0A:F7:B1:A9:AC:BC:8D:00:94:35:7F:E2:F2:AF:BB:9E:60:F8:D4
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/AAr3samsvI0AlDV_4vKvu55g-NQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.4.0/22
46.3.16.0/22
46.3.24.0/22
46.3.30.0/24
46.3.64.0-46.3.76.255
46.3.86.0/23
46.3.92.0/22
46.3.148.0/22
46.3.203.0-46.3.204.255
46.3.224.0/22
46.232.26.0-46.232.47.255
46.232.80.0/20
149.126.192.0/24
149.126.197.0/24
149.126.200.0/24
149.126.206.0/24
149.126.215.0/24
149.126.224.0/24
149.126.246.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:c7:fb:0c:60:ed:d2:06:2b:c0:59:b0:3f:d7:01:11:74:07:
85:c4:eb:b9:1d:12:25:74:8c:a2:5b:f8:d5:23:49:4a:7a:cb:
dc:3f:90:02:c0:64:ee:16:61:34:1c:90:40:10:ff:86:13:a4:
9e:2c:e7:dc:11:dd:a1:b2:3b:9d:de:05:b3:ae:02:3a:cc:58:
f3:9e:df:df:8e:a2:48:51:34:fc:4f:28:57:d3:dd:f4:01:5b:
12:2b:7d:34:1f:3f:2a:c4:d4:39:c0:6b:9c:8a:e2:c7:a2:c2:
a3:79:ec:e6:da:21:41:13:f0:a6:15:e1:85:c7:9a:08:62:71:
02:fd:85:0b:61:c9:04:00:e7:65:47:1d:48:f0:6b:63:26:23:
3a:1b:21:11:ae:4d:7b:b9:67:cd:a2:58:3b:69:9f:09:a6:ae:
8a:70:d9:e9:39:32:b6:b4:24:ce:29:b2:89:56:83:e5:22:74:
11:69:c8:f4:9e:d3:8e:2b:a6:98:3a:57:4f:b0:dc:8f:4c:7c:
c0:66:dc:35:78:b6:ff:f8:d5:71:e2:3c:14:5f:0a:03:5e:5a:
b9:46:a1:5c:1a:6e:67:15:72:ea:82:0e:5c:f4:5b:8d:3e:54:
e6:46:0b:ea:52:5d:f9:c4:b0:2b:f8:31:80:3e:55:93:58:d4:
79:e5:29:74
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZcsGIl49zMPY3UDsuVOezK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwNjAxMTUyNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDBhZjdiMWE5YWNiYzhkMDA5NDM1N2ZlMmYyYWZiYjllNjBmOGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCPJUl+rdzkf8aLbToES4hvySqtp
6CxNXHEPpTopnMvFp1wk6qhTx23BYxOzJrhgJS1zrDo9ItH3/KGV8AqyjMNjTHv6
WtLdiC4njobMYDVis2OuOo1BRjj4AK1Ug6Bb4tPsjr7pYKj1ZIKhvIQ4Wwh+Fona
W7/XUWVZbBTAYx/+Q9zUkYvtFOIrgARRbO1F3W2/23Kl5xMGl/jZRQ8BZ8LPIPPP
Xp2+r4t3RriOxy8GeI+7gfGtHLV2rHTaKTckbfcVZG2Qy+OUu1nFdloSOvBn3X0j
01A3p6mZe20H1aXQKvoYSNH5VWWuCCSJvXdyrKEG86We+Vkn+JoSjvErUQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFAAK97GprLyNAJQ1f+Lyr7ueYPjUMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvQUFyM3NhbXN2STBBbERWXzR2S3Z1NTVnLU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIu
AwQDBAIuAxADBAIuAxgDBAAuAx4wDAMEBi4DQAMEAC4DTAMEAS4DVgMEAi4DXAME
Ai4DlDAMAwQALgPLAwQALgPMAwQCLgPgMAwDBAEu6BoDBAQu6CADBAQu6FADBACV
fsADBACVfsUDBACVfsgDBACVfs4DBACVftcDBACVfuADBACVfvYwDQYJKoZIhvcN
AQELBQADggEBAI/H+wxg7dIGK8BZsD/XARF0B4XE67kdEiV0jKJb+NUjSUp6y9w/
kALAZO4WYTQckEAQ/4YTpJ4s59wR3aGyO53eBbOuAjrMWPOe39+OokhRNPxPKFfT
3fQBWxIrfTQfPyrE1DnAa5yK4seiwqN57ObaIUET8KYV4YXHmghicQL9hQthyQQA
52VHHUjwa2MmIzobIRGuTXu5Z82iWDtpnwmmropw2ek5Mra0JM4psolWg+UidBFp
yPSe044rppg6V0+w3I9MfMBm3DV4tv/41XHiPBRfCgNeWrlGoVwabmcVcuqCDlz0
W40+VOZGC+pSXfnEsCv4MYA+VZNY1HnlKXQ=
-----END CERTIFICATE-----
Generated at Thu Jun 5 09:30:42 2025 by rpki-client